Your one-stop web resource providing safety and security information to manufacturers

Opera 12.13 released and users should update their installations as soon as possible because it fixes four security issues that cyber criminals could leverage.

Arthur Gerkis identified a DOM events manipulation issue that can end up exploited to cause the web browser to crash. In some scenarios, the crashes can execute arbitrary code.

Firefox: Silent Add-ons Possible
Chrome Updated, Fixes Security Holes
Mozilla Closes Critical Holes
Chrome Wards Off BlackHole

An anonymous expert notified Opera via the iSIGHT Partners GVP Program of a problem where the use of SVG clipPaths could allow the execution of malicious code.

“When SVG documents with specifically prepared clipPaths are used in Opera, Opera may allow other content to overwrite the memory, before referencing the memory, which will lead to a crash. If an attacker can control the contents being written into memory, execution of arbitrary code may occur,” the advisory said.

Schneider Bold

A couple of low-severity vulnerabilities also ended up fixed, one of them referring to the fact that Cross-Origin Resource Sharing (CORS) requests can omit the preflight requests.

Pin It on Pinterest

Share This